package it.softphone.cmc.server.security;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter;

public class MultiTenantBasicHttpAuthenticationFilter extends BasicHttpAuthenticationFilter {

	public MultiTenantBasicHttpAuthenticationFilter() {
	}

	private String getTenant( ServletRequest request ) {

		String tenant = null;
		
		if( request instanceof HttpServletRequest ) {
			
			tenant = ((HttpServletRequest)request).getHeader("tenant");
		}
			
/*		
		if( tenant == null ) {
			 TenantService service = ApplicationConfig.getBean(TenantService.class);
			 tenant = service.getSystemTenant();
		}
*/		
		return tenant;

	}

	@Override
	protected final AuthenticationToken createToken(String username, String password,	ServletRequest request, ServletResponse response) {
		boolean rememberMe = isRememberMe(request);
		String host = getHost(request);
		String tenant = getTenant(request);

		return new MultiTenantAuthenticationToken(username, password, rememberMe, host, tenant );
	}

}
